Laravel: Go for Passwordless Authentication

Laravel: Go for Passwordless Authentication

ยท

2 min read

Hey guys,

Authentication topic today ๐Ÿ˜Ž

We all know that Laravel ships the default Email & Password authentication for us. The good'ol traditional way.

However, it's 2024 now. By registering using Email & Password, then users have to verify their emails. It's way bad UX and reduces your sign-up rates.

The passwordless is here to save the day ๐Ÿ˜Ž

The PROs of using Passwordless Authentication

  • Sign-up user flow will be really fast, with fewer inputs (or even 0 inputs) ๐Ÿ˜Ž

  • The pain of remembering passwords is gone ๐Ÿฅฐ

  • Save storage cuz we don't really store users' passwords (encrypted obviously) in our DB ๐Ÿฅน

  • Verify the user's email in 1 go, 2 birds with 1 stone.

Laravel Passwordless Authentication - The Approaches

Social Auth

By utilizing Laravel Socialite, we can provide a quick sign-up/sign-in flow using:

  • Google

  • GitHub

  • (or any awesome platform out there)

After users sign in, Laravel Socialite will give you some basic details: open id, full name, email, and profile picture.

Then simply do an upsert operation and Auth::login($user) to sign your user in ๐Ÿ˜Ž

For this, we only need users to input their email and their names, and then we are all good ๐ŸŒน

For this, you might need to implement your own generated_magic_links table, e.g:

  • id

  • user_id

  • hash

You can create a temporary user with email_verified_at = NULL . Then send out the email using Laravel Mail feature.

On the user's first visit, you touch the email_verified_at , then log them in ๐Ÿ”ฅ

Easy right?

Other ways

  • Send SMS (cost more lol)

  • Use TOTP (time-based one-time password as temporary password)

Considerations

  • To increase the security, we can apply the two-factor authentication method after logging in.

Conclusions

My applications use Passwordless authentication, check out RenderPDF.io as an example ๐Ÿ˜Ž.

Using passwordless is really cool and hassle-free. Fewer inputs, a happier life.

Happy coding guys!

ย